教育房产时事环球科技商业
投稿投诉
商业财经
热点动态
科技数码
软件应用
国际环球
晨报科学
新闻时事
信息智能
汽车房产
办公手机
教育体育
生活生物
教育体育生活生物

权限控制(springboot整合security实现权限控制)

  权限控制(springboot整合security实现权限控制)1.建表,五张表,如下:1.1.用户表CREATETABLE`t_sys_user`(`user_id`bigint(20)NOTNULLAUTO_INCREMENTCOMMENT'用户ID',`user_name`varchar(30)NOTNULLCOMMENT'用户名',`user_password`varchar(128)NOTNULLCOMMENT'用户密码',`salt`varchar(64)DEFAULTNULLCOMMENT'加密盐',`user_phone`varchar(20)DEFAULTNULLCOMMENT'手机号',`user_emai`varchar(20)DEFAULTNULLCOMMENT'邮箱',`user_title`varchar(20)DEFAULTNULLCOMMENT'职称',`creater_id`bigint(20)DEFAULTNULLCOMMENT'创建人ID',`creater_name`varchar(30)DEFAULTNULLCOMMENT'创建人名称',`creater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'创建时间',`updater_id`bigint(20)DEFAULTNULLCOMMENT'更新人ID',`updater_name`varchar(30)DEFAULTNULLCOMMENT'更新人名称',`updater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'更新时间',`role_ids`varchar(200)DEFAULTNULL,`role_names`varchar(300)DEFAULTNULL,  PRIMARYKEY(`user_id`)  )ENGINE=InnoDBAUTO_INCREMENT=17DEFAULTCHARSET=utf8;1.2.用户角色表CREATETABLE`t_sys_user_role`(`user_role_id`bigint(20)NOTNULLAUTO_INCREMENTCOMMENT'用户角色ID',`user_id`bigint(20)NOTNULLCOMMENT'用户ID',`role_id`bigint(20)NOTNULLCOMMENT'角色ID',  PRIMARYKEY(`user_role_id`)  )ENGINE=InnoDBAUTO_INCREMENT=29DEFAULTCHARSET=utf8;1.3.角色表CREATETABLE`t_sys_role`(`role_id`bigint(20)NOTNULLAUTO_INCREMENTCOMMENT'角色ID',`role_name`varchar(100)NOTNULLCOMMENT'角色名称',`role_code`varchar(100)NOTNULLCOMMENT'角色编码',`creater_id`bigint(20)DEFAULTNULLCOMMENT'创建人ID',`creater_name`varchar(30)DEFAULTNULLCOMMENT'创建人名称',`creater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'创建时间',`updater_id`bigint(20)DEFAULTNULLCOMMENT'更新人ID',`updater_name`varchar(30)DEFAULTNULLCOMMENT'更新人名称',`updater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'更新时间',`permission_ids`varchar(200)DEFAULTNULL,`permission_names`varchar(300)DEFAULTNULL,  PRIMARYKEY(`role_id`)  )ENGINE=InnoDBAUTO_INCREMENT=4DEFAULTCHARSET=utf8;1.4.角色权限表CREATETABLE`t_sys_role_permission`(`role_permission_id`bigint(20)NOTNULLAUTO_INCREMENTCOMMENT'角色权限ID',`role_id`bigint(20)NOTNULLCOMMENT'角色ID',`permission_id`bigint(20)NOTNULLCOMMENT'权限ID',  PRIMARYKEY(`role_permission_id`)  )ENGINE=InnoDBAUTO_INCREMENT=78DEFAULTCHARSET=utf8;
  1.5.权限表CREATETABLE`t_sys_permission`(`permission_id`bigint(20)NOTNULLAUTO_INCREMENTCOMMENT'权限ID',`permission_name`varchar(100)NOTNULLCOMMENT'权限名称',`permission_code`varchar(100)NOTNULLCOMMENT'权限编码',`creater_id`bigint(20)DEFAULTNULLCOMMENT'创建人ID',`creater_name`varchar(30)DEFAULTNULLCOMMENT'创建人名称',`creater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'创建时间',`updater_id`bigint(20)DEFAULTNULLCOMMENT'更新人ID',`updater_name`varchar(30)DEFAULTNULLCOMMENT'更新人名称',`updater_time`timestampNULLDEFAULTCURRENT_TIMESTAMPCOMMENT'更新时间',  PRIMARYKEY(`permission_id`)  )ENGINE=InnoDBAUTO_INCREMENT=26DEFAULTCHARSET=utf8;2.pom.xml引入依赖:<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId></dependency>3.编码步骤:3.1.在用户实体类中实现UserDetails接口的方法packagecom.lz.hehuorenservice.system.entity;importcom.lz.hehuorenservice.common.entity.BaseEntity;importio.swagger.annotations.ApiModelProperty;importorg.springframework.security.core.GrantedAuthority;importorg.springframework.security.core.authority.SimpleGrantedAuthority;importorg.springframework.security.core.userdetails.UserDetails;importjava.util.*;/**Createbyhyhwebon2021/6/616:24*/publicclassUserextendsBaseEntityimplementsUserDetails{/**用户主键ID*/@ApiModelProperty(value="用户主键ID")privateLonguserId;/**用户名*/@ApiModelProperty(value="用户名")privateStringuserName;/**用户密码*/@ApiModelProperty(value="用户密码")privateStringuserPassword;@ApiModelProperty(value="")privateStringsalt;/**手机号*/@ApiModelProperty(value="手机号")privateStringuserPhone;/**邮箱*/@ApiModelProperty(value="邮箱")privateStringuserEmai;/**职称*/@ApiModelProperty(value="职称")privateStringuserTitle;@ApiModelProperty(value="角色ID")privateStringroleIds;@ApiModelProperty(value="角色名称")privateStringroleNames;/**创建人ID*/@ApiModelProperty(value="创建人ID")privateLongcreaterId;/**创建人名称*/@ApiModelProperty(value="创建人名称")privateStringcreaterName;/**创建时间*/@ApiModelProperty(value="创建时间")privateDatecreaterTime;/**更新人ID*/@ApiModelProperty(value="更新人ID")privateLongupdaterId;/**更新人名称*/@ApiModelProperty(value="更新人名称")privateStringupdaterName;/**更新时间*/@ApiModelProperty(value="更新时间")privateDateupdaterTime;privateSet<String>permissions;@OverridepublicCollection<?extendsGrantedAuthority>getAuthorities(){  List<SimpleGrantedAuthority>authorities=newArrayList<>();/*  //绑定角色的授权方法  if(roles!=null){  for(RolesysRole:roles){  authorities.add(newSimpleGrantedAuthority(sysRole.getRoleCode()));  }  }*///绑定权限的授权方法if(permissions!=null){for(Stringpermission:permissions){  authorities.add(newSimpleGrantedAuthority(permission));  }  }returnauthorities;  }@OverridepublicStringgetPassword(){returnuserPassword;  }@OverridepublicStringgetUsername(){returnuserName;  }@OverridepublicbooleanisAccountNonExpired(){returntrue;  }@OverridepublicbooleanisAccountNonLocked(){returntrue;  }@OverridepublicbooleanisCredentialsNonExpired(){returntrue;  }@OverridepublicbooleanisEnabled(){returntrue;  }publicLonggetUserId(){returnuserId;  }publicvoidsetUserId(LonguserId){this.userId=userId;  }publicStringgetUserName(){returnuserName;  }publicvoidsetUserName(StringuserName){this.userName=userName;  }publicStringgetUserPassword(){returnuserPassword;  }publicvoidsetUserPassword(StringuserPassword){this.userPassword=userPassword;  }publicStringgetSalt(){returnsalt;  }publicvoidsetSalt(Stringsalt){this.salt=salt;  }publicStringgetUserPhone(){returnuserPhone;  }publicvoidsetUserPhone(StringuserPhone){this.userPhone=userPhone;  }publicStringgetUserEmai(){returnuserEmai;  }publicvoidsetUserEmai(StringuserEmai){this.userEmai=userEmai;  }publicStringgetUserTitle(){returnuserTitle;  }publicvoidsetUserTitle(StringuserTitle){this.userTitle=userTitle;  }publicStringgetRoleIds(){returnroleIds;  }publicvoidsetRoleIds(StringroleIds){this.roleIds=roleIds;  }publicStringgetRoleNames(){returnroleNames;  }publicvoidsetRoleNames(StringroleNames){this.roleNames=roleNames;  }publicLonggetCreaterId(){returncreaterId;  }publicvoidsetCreaterId(LongcreaterId){this.createrId=createrId;  }publicStringgetCreaterName(){returncreaterName;  }publicvoidsetCreaterName(StringcreaterName){this.createrName=createrName;  }publicDategetCreaterTime(){returncreaterTime;  }publicvoidsetCreaterTime(DatecreaterTime){this.createrTime=createrTime;  }publicLonggetUpdaterId(){returnupdaterId;  }publicvoidsetUpdaterId(LongupdaterId){this.updaterId=updaterId;  }publicStringgetUpdaterName(){returnupdaterName;  }publicvoidsetUpdaterName(StringupdaterName){this.updaterName=updaterName;  }publicDategetUpdaterTime(){returnupdaterTime;  }publicvoidsetUpdaterTime(DateupdaterTime){this.updaterTime=updaterTime;  }publicSet<String>getPermissions(){returnpermissions;  }publicvoidsetPermissions(Set<String>permissions){this.permissions=permissions;  }  }3.2.在用户的服务实现类中,实现UserDetailsService接口的loadUserByUsername方法,返回用户的所有信息。packagecom.lz.hehuorenservice.system.service.impl;importcom.lz.hehuorenservice.common.service.impl.BaseServiceImpl;importcom.lz.hehuorenservice.system.dao.UserDao;importcom.lz.hehuorenservice.system.entity.User;importcom.lz.hehuorenservice.system.service.UserService;importorg.springframework.beans.factory.annotation.Autowired;importorg.springframework.security.core.userdetails.UserDetails;importorg.springframework.security.core.userdetails.UserDetailsService;importorg.springframework.security.core.userdetails.UsernameNotFoundException;importorg.springframework.stereotype.Service;importjava.util.Set;/**Createbyhyhwebon2021/6/616:28*/@ServicepublicclassUserServiceImplextendsBaseServiceImpl<User,Long>implementsUserService,UserDetailsService{@AutowiredUserDaouserDao;@OverridepublicUserDetailsloadUserByUsername(StringuserName)throwsUsernameNotFoundException{  Useruser=userDao.getUserByName(userName);if(user==null){thrownewUsernameNotFoundException("账户不存在");  }  Set<String>permissions=userDao.getPermissionByUserId(user.getUserId());  user.setPermissions(permissions);returnuser;  }  }3.3.编写配置类,重写WebSecurityConfigurerAdapter类的三个configure方法,也就是重新配置三个对象AuthenticationManagerBuilder,HttpSecurity,WebSecurity。packagecom.lz.hehuorenservice.common.config;importcom.fasterxml.jackson.databind.ObjectMapper;importcom.lz.hehuorenservice.common.bean.CustomAccessDeniedHandler;importcom.lz.hehuorenservice.common.bean.CustomAuthenticationEntryPoint;importcom.lz.hehuorenservice.common.filter.CustomAuthenticationFilter;importcom.lz.hehuorenservice.system.entity.User;importcom.lz.hehuorenservice.system.service.impl.UserServiceImpl;importorg.springframework.beans.factory.annotation.Autowired;importorg.springframework.context.annotation.Bean;importorg.springframework.context.annotation.Configuration;importorg.springframework.security.authentication.*;importorg.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;importorg.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;importorg.springframework.security.config.annotation.web.builders.HttpSecurity;importorg.springframework.security.config.annotation.web.builders.WebSecurity;importorg.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;importorg.springframework.security.core.Authentication;importorg.springframework.security.core.AuthenticationException;importorg.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;importorg.springframework.security.crypto.password.PasswordEncoder;importorg.springframework.security.web.access.AccessDeniedHandler;importorg.springframework.security.web.authentication.AuthenticationFailureHandler;importorg.springframework.security.web.authentication.AuthenticationSuccessHandler;importorg.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;importorg.springframework.security.web.authentication.logout.LogoutHandler;importorg.springframework.security.web.authentication.logout.LogoutSuccessHandler;importorg.springframework.web.cors.CorsUtils;importjavax.servlet.ServletException;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;importjava.io.IOException;importjava.io.PrintWriter;importjava.util.HashMap;importjava.util.Map;/**Createbyhyhwebon2021/6/78:26*/@Configuration@EnableGlobalMethodSecurity(prePostEnabled=true,securedEnabled=true)publicclassWebSecurityConfigextendsWebSecurityConfigurerAdapter{  @AutowiredUserServiceImpluserService;//这个必须是接口的实现类,不能是接口@BeanPasswordEncoderpasswordEncoder(){returnnewBCryptPasswordEncoder(10);//returnNoOpPasswordEncoder.getInstance();}/*@Bean  RoleHierarchyroleHierarchy(){  RoleHierarchyImplroleHierarchy=newRoleHierarchyImpl();  //Stringhierarchy="ROLE_dba>ROLE_admin\nROLE_admin>ROLE_user";  Stringhierarchy="ROLE_admin>ROLE_user";  roleHierarchy.setHierarchy(hierarchy);  returnroleHierarchy;  }*/@BeanCustomAuthenticationFiltercustomAuthenticationFilter()throwsException{CustomAuthenticationFilterfilter=newCustomAuthenticationFilter();filter.setAuthenticationSuccessHandler(  newAuthenticationSuccessHandler(){  @OverridepublicvoidonAuthenticationSuccess(HttpServletRequestreq,HttpServletResponseresp,Authenticationauth)throwsIOException,ServletException{Objectprincipal=auth.getPrincipal();  resp.setContentType("application/json;charset=utf-8");PrintWriterout=resp.getWriter();  resp.setStatus(200);Map<String,Object>map=newHashMap<>();map.put("code","1");map.put("success",true);map.put("message","登录成功");Useruser=(User)principal;  user.setUserPassword(null);map.put("data",user);ObjectMapperom=newObjectMapper();  out.write(om.writeValueAsString(map));  out.flush();  out.close();/*resp.setContentType("application/json;charset=utf-8");  PrintWriterout=resp.getWriter();  Map<String,Object>map=newHashMap<String,Object>();  map.put("message","登录成功");  out.write(newObjectMapper().writeValueAsString(map));  out.flush();  out.close();*/}  });filter.setAuthenticationFailureHandler(  newAuthenticationFailureHandler(){  @OverridepublicvoidonAuthenticationFailure(HttpServletRequestreq,HttpServletResponseresp,AuthenticationExceptione)throwsIOException,ServletException{  resp.setContentType("application/json;charset=utf-8");PrintWriterout=resp.getWriter();  resp.setStatus(401);Map<String,Object>map=newHashMap<>();map.put("status",401);if(einstanceofLockedException){map.put("msg","账号被锁定,登录失败");  }elseif(einstanceofBadCredentialsException){map.put("msg","账号或密码输入错误,请重新登录");  }elseif(einstanceofDisabledException){map.put("msg","账号被禁用,登录失败");  }elseif(einstanceofAccountExpiredException){map.put("msg","账号过期,登录失败");  }elseif(einstanceofCredentialsExpiredException){map.put("msg","密码过期,登录失败");  }else{map.put("msg","登录失败");  }ObjectMapperom=newObjectMapper();  out.write(om.writeValueAsString(map));  out.flush();  out.close();/*resp.setContentType("application/json;charset=utf-8");  PrintWriterout=resp.getWriter();  Map<String,Object>map=newHashMap<String,Object>();  map.put("message","登录失败");  out.write(newObjectMapper().writeValueAsString(map));  out.flush();  out.close();*/}  });filter.setAuthenticationManager(authenticationManagerBean());returnfilter;  }  @Overrideprotectedvoidconfigure(AuthenticationManagerBuilderauth)throwsException{  auth.userDetailsService(userService);  }  @BeanpublicAccessDeniedHandlergetAccessDeniedHandler(){returnnewCustomAccessDeniedHandler();  }  @Overridepublicvoidconfigure(WebSecurityweb)throwsException{  web.ignoring()  .antMatchers("/sessionInvalid","/register","/app/**","/login_page")  .antMatchers("/index.html","/static/**","/favicon.ico")  .antMatchers("/swagger-ui/**","/swagger/**","/doc.html","/swagger-resources/**","/images/**","/webjars/**","/v3/api-docs","/configuration/ui","/configuration/security");  }  @Overrideprotectedvoidconfigure(HttpSecurityhttp)throwsException{  http.cors()//开启跨域.and()//获取一个安全编译器.authorizeRequests()//授权请求.requestMatchers(CorsUtils::isPreFlightRequest)  .permitAll()//跨域的请求开放所有权限.anyRequest()//所有请求.authenticated()//所有请求都需要认证.and()  .sessionManagement()  .invalidSessionUrl("/session/invalid")  .and()//获取一个安全编译器.formLogin()//表单登录配置.loginPage("/login_page")//登录页面访问地址.loginProcessingUrl("/login")//配置登录接口地址.usernameParameter("userName")//配置登录的账号字段.passwordParameter("userPassWord")//配置登录密码字段.and()//获取一个安全编译器.logout()//退出登录配置.logoutUrl("/logout")//设置退出登录的接口地址.clearAuthentication(true)//清除所有认证信息.invalidateHttpSession(true)//让session失效.addLogoutHandler(  newLogoutHandler(){//退出登录时的处理器@Overridepublicvoidlogout(HttpServletRequesthttpServletRequest,HttpServletResponsehttpServletResponse,Authenticationauthentication){}  })  .logoutSuccessHandler(  newLogoutSuccessHandler(){//退出成功后的处理器@OverridepublicvoidonLogoutSuccess(HttpServletRequesthttpServletRequest,HttpServletResponsehttpServletResponse,Authenticationauthentication)throwsIOException,ServletException{  httpServletResponse.setContentType("application/json;charset=utf-8");PrintWriterout=httpServletResponse.getWriter();Map<String,Object>map=newHashMap<>();map.put("message","退出成功");map.put("code","1");map.put("success",true);ObjectMapperom=newObjectMapper();  out.write(om.writeValueAsString(map));  out.flush();  out.close();  }  })  .permitAll()//设置退出登录的所有权限.and()//获取一个安全编译器.csrf()  .disable()//关闭csrf跨站点请求伪造.exceptionHandling()  .authenticationEntryPoint(newCustomAuthenticationEntryPoint());//自定义认证的入口异常处理方法http.addFilterAt(customAuthenticationFilter(),UsernamePasswordAuthenticationFilter.class);  //重写用户名密码的过滤器,实现前后端分离获取登录的用户名,密码信息http.exceptionHandling().accessDeniedHandler(getAccessDeniedHandler());  //没有权限访问的处理器  }  }
  3.3.1CustomAccessDeniedHandler自定义没权限方法的处理器packagecom.lz.hehuorenservice.common.bean;importcom.fasterxml.jackson.databind.ObjectMapper;importorg.springframework.security.access.AccessDeniedException;importorg.springframework.security.web.access.AccessDeniedHandler;importjavax.servlet.ServletException;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;importjava.io.IOException;importjava.io.PrintWriter;importjava.util.HashMap;importjava.util.Map;/**Createbyhyhwebon2021/6/711:50*/publicclassCustomAccessDeniedHandlerimplementsAccessDeniedHandler{  @Overridepublicvoidhandle(HttpServletRequesthttpServletRequest,HttpServletResponsehttpServletResponse,AccessDeniedExceptione)throwsIOException,ServletException{  httpServletResponse.setContentType("application/json;charset=utf-8");PrintWriterout=httpServletResponse.getWriter();Mapmap=newHashMap<>();map.put("message","权限不足,请联系管理员开通权限");map.put("code",0);map.put("status",403);map.put("success",false);Stringresult=newObjectMapper().writeValueAsString(map);  out.write(result);  out.flush();  out.close();  }  }3.3.2CustomAuthenticationEntryPoint自定义认证的入口packagecom.lz.hehuorenservice.common.bean;importcom.fasterxml.jackson.databind.ObjectMapper;importorg.springframework.security.core.AuthenticationException;importorg.springframework.security.web.AuthenticationEntryPoint;importjavax.servlet.ServletException;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;importjava.io.IOException;importjava.io.PrintWriter;importjava.util.HashMap;importjava.util.Map;/**Createbyhyhwebon2021/6/711:42*/publicclassCustomAuthenticationEntryPointimplementsAuthenticationEntryPoint{  @Overridepublicvoidcommence(HttpServletRequesthttpServletRequest,HttpServletResponsehttpServletResponse,AuthenticationExceptione)throwsIOException,ServletException{  httpServletResponse.setContentType("application/json;charset=utf-8");PrintWriterout=httpServletResponse.getWriter();Mapmap=newHashMap<>();map.put("message","还没登录,请重新登录");map.put("code",302);Stringresult=newObjectMapper().writeValueAsString(map);  out.write(result);  out.flush();  out.close();  }  }3.3.3.CustomAuthenticationFilter自定义packagecom.lz.hehuorenservice.common.filter;importorg.springframework.http.MediaType;importorg.springframework.security.authentication.UsernamePasswordAuthenticationToken;importorg.springframework.security.core.Authentication;importorg.springframework.security.core.AuthenticationException;importorg.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;importjavax.servlet.http.HttpServletRequest;importjavax.servlet.http.HttpServletResponse;importjava.io.IOException;importjava.io.InputStream;/**Createbyhyhwebon2021/6/712:07*/publicclassCustomAuthenticationFilterextendsUsernamePasswordAuthenticationFilter{@OverridepublicAuthenticationattemptAuthentication(  HttpServletRequestrequest,HttpServletResponseresponse)throwsAuthenticationException{if(request.getContentType().equals(MediaType.APPLICATION_JSON_UTF8_VALUE)  ||request.getContentType().equals(MediaType.APPLICATION_JSON_VALUE)){  UsernamePasswordAuthenticationTokenauthRequest=null;try(InputStreamis=request.getInputStream()){  ObjectMappermapper=newObjectMapper();  Map<String,String>authenticationBean=mapper.readValue(is,Map.class);  authRequest=newUsernamePasswordAuthenticationToken(  authenticationBean.get("userName"),authenticationBean.get("userPassWord"));/*authRequest=  newUsernamePasswordAuthenticationToken(  request.getParameter("userName"),request.getParameter("userPassWord"));*/}catch(IOExceptione){  e.printStackTrace();  authRequest=newUsernamePasswordAuthenticationToken("","");  }finally{  setDetails(request,authRequest);returnthis.getAuthenticationManager().authenticate(authRequest);  }  }else{returnsuper.attemptAuthentication(request,response);  }  }  }4.controller层使用权限注释@PreAuthorize实现权限控制@RestController@RequestMapping("/user")@Api(tags="用户信息")  publicclassUserController{@AutowiredprivateUserServiceuserService;@ApiOperation(value="删除单个对象",notes="删除单个对象接口")@GetMapping("/delete/{id}")@PreAuthorize("hasAuthority('delete')")  publicApiResultdeleteById(@PathVariablelongid){returnuserService.deleteById(id);  }  }附加说明:Spring Security的表达式对象的基类:
  org.springframework.security.access.expression.SecurityExpressionRoot
  在controller的方法中使用注释,如下:
  @PreAuthorize("表达式('权限值')")@PreAuthorize("hasAuthority('zixunguanli-xinzeng')")  publicApiResultadd(@RequestBodyStringjson){returninfoService.add(JSON.parseObject(json,InfoReq.class));  }
  表达式如下:booleanhasAuthority(Stringvar1);booleanhasAnyAuthority(String...var1);booleanhasRole(Stringvar1);booleanhasAnyRole(String...var1);booleanpermitAll();booleandenyAll();booleanisAnonymous();booleanisAuthenticated();booleanisRememberMe();booleanisFullyAuthenticated();booleanhasPermission(Objectvar1,Objectvar2);booleanhasPermission(Objectvar1,Stringvar2,Objectvar3);Spring Security的重构获取用户名和密码的方式,实现前后端分离的json格式,如下:
  重构
  org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter的attemptAuthentication方法
抑郁症要吃什么药(药物治疗真的安全吗?)抑郁症要吃什么药(药物治疗真的安全吗?)相信大家都知道,抑郁症正在成为仅次于癌症的人类第二大杀手。据相关调查研究可知,大约5个人中就有1个人在一生中的某个时刻会经历一次抑郁发作。作细胞免疫疗法(细胞免疫治疗时代来临!)细胞免疫疗法(细胞免疫治疗时代来临!)1个癌症患者,7个肿瘤和1480亿个免疫细胞1个惊人的恢复,这一串数字令人惊艳,但这不是一串单纯的数字,这是席琳瑞安(CelineRyan)经细胞因子风暴(免疫治疗引发的夺命细胞因子风暴)细胞因子风暴(免疫治疗引发的夺命细胞因子风暴)细胞因子风暴也叫细胞因子释放综合征(英文简称CRS),它是一种不常见的免疫治疗相关的不良事件。一般会在最后一个治疗周期的两周内出现发烧太空迎3d打印机(在国际空间站3D打印是种什么体验?)太空迎3d打印机(在国际空间站3D打印是种什么体验?)随着人类在地外空间探索的加深,行星际空间飞行也越来越接近现实,空间站也开始从观察者向着空间旅行中继站的角色转变。今年早些时候,喝柠檬水的好处与坏处(喝柠檬水有什么好处吗?)喝柠檬水的好处与坏处(喝柠檬水有什么好处吗?)喝柠檬水的好处1皮肤美白养颜美容喝柠檬水可以让皮肤变白,这一点让很多女士很是亲睐。都说一百遮千丑,柠檬中的维生素成份十分的高,倘若锲而格华止盐酸二甲双胍片(正吃着二甲双胍,还能打新冠疫苗吗?)格华止盐酸二甲双胍片(正吃着二甲双胍,还能打新冠疫苗吗?)老王最近有点烦。他不久前查出来患上了糖尿病,正在按照医嘱服用二甲双胍控制血糖。血糖刚控制住,单位又通知说要组织打新冠疫苗。吃二甲双胍能减肥吗(二甲双胍单纯用于减肥靠谱不?)吃二甲双胍能减肥吗(二甲双胍单纯用于减肥靠谱不?)杨小姐最近得到减肥秘籍,吃降血糖的二甲双胍可以减肥。究竟是真是假,我们一起在文章中揭晓。糖尿病患者可以对于糖尿病患者,尤其是肥胖超食欲减退(食欲下降排尿异常?)食欲减退(食欲下降排尿异常?)尿毒症并不是独立的疾病,是多种肾病晚期共有的综合征。各种肾脏疾病高血压代谢性疾病泌尿系统感染以及慢性尿路梗阻滥用药物等都会引发尿毒症。因此以上几类人应铜钱草的养殖方法(家庭养护铜钱草,掌握几个技巧)铜钱草的养殖方法(家庭养护铜钱草,掌握几个技巧)夏天很多植物都处于休眠状态,休眠状态的植株长势不好影响观赏性,夏季想在家里养一些既有观赏价值,养护又简单的植物,那铜钱草肯定是其中的茶油是什么?(茶油护肤的作用与功效是什么?)茶油是什么?(茶油护肤的作用与功效是什么?)茶油通常是用来食用的,可是也有一些人会用茶油来美容。那么茶油护肤的作用与功效是什么?茶油涂脸的正确方法要知道!茶油护肤的作用与功效茶油是长寿花花语(长寿花不止是长寿)长寿花花语(长寿花不止是长寿)长寿花的花语和含义有长寿安康多子多孙大吉大利,寄予此花最真挚的期盼与愿望,表达自己内心最纯真的美好,适合送给父母长辈妻子朋友等,祝福他们在生活中快乐幸
<<<<<<>>>>>>
疯狂机车(疯狂机车马路飙到400kmh)疯狂机车(疯狂机车马路飙到400kmh)极速达到400kmh,对于任何一部四轮跑车都是不敢轻易尝试的数字,而来自日本的变态重机川崎H2R竟然在近日完成了这项爆表挑战,用时仅需26秒苍耳子散(苍耳子散加味治疗鼻窦炎!)苍耳子散(苍耳子散加味治疗鼻窦炎!)风热袭肺型鼻窦炎症见鼻涕黄浊味臭,鼻塞时作,嗅觉减退,头额胀痛,发热恶寒,咳嗽痰黄,咽干,苔薄黄。治法疏风清热,芳香通窍。方剂苍耳子散加味药物有隔断红尘三十里!(隔断红尘三十里,白云红叶两悠悠!)隔断红尘三十里!(隔断红尘三十里,白云红叶两悠悠!)8首诗词叹红尘,隔断红尘三十里,白云红叶两悠悠。竹枝词九首其九刘禹锡山上层层桃李花,云间烟火是人家。银钏金钗来负水,长刀短笠去烧电视墙隔断(电视墙隔断客餐厅)电视墙隔断(电视墙隔断客餐厅)HOLIKEof2021HOLIKE化繁为简的空间格局,在极简的基底上克制地做加法,一点一滴累积出生活滋味,却依然让家看起来宁静有序,常住常新的奥秘。湾田国际(湾田国际二手交易市场开业)湾田国际(湾田国际二手交易市场开业)湾田国际二手交易市场今日正式开业。红网时刻6月1日讯(记者戴丹通讯员周茜)2021年6月1日,湾田国际二手交易市场正式开业,长沙人采购二手家具家营销策划论坛(2020中国内容营销高峰论坛在京召开)营销策划论坛(2020中国内容营销高峰论坛在京召开)后疫情时代,内容营销如何化危为机找到新的增长点?9月4日,被称为中国内容营销风向标的中国内容营销高峰论坛在京召开,会议提出,营销紫府仙缘5200(经典全本奇幻修真小说,紫府仙缘)紫府仙缘5200(经典全本奇幻修真小说,紫府仙缘)印象最深莫过于开篇几章节的描写,一如身临其境,过后回味无穷,看完结局后意犹未尽,感情描写不错,可以看出作者很有底蕴,非种马文,无论少年派奇幻漂流(少年派的奇幻漂流隐喻的解析)少年派奇幻漂流(少年派的奇幻漂流隐喻的解析)1第一个故事是善良的编造,第二个故事才是真实的。厨子是鬣狗,斑马是佛教徒,猩猩是母亲,老虎是派的黑暗欲望部分,而少年派是派的善良光明部分买机票哪个网站最便宜?(白菜价机票快速减少?)买机票哪个网站最便宜?(白菜价机票快速减少?)进入3月,解放日报上观新闻记者搜索各大机票预订平台发现,白菜价的国内机票较2月底明显减少,同时,来自不同平台的数据显示,国内出行的旅客手机信号不好怎么办(手机信号弱怎么办?)手机信号不好怎么办(手机信号弱怎么办?)当今的技术意味着我们始终保持联系当我们的联系真正按照应有的方式工作时。您的WiFi是否像乌龟一样?没有人有时间或耐心做这件事。以下方法帮助你脸红发烫是什么原因造成的(脸红发烫是怎么回事)脸红发烫是什么原因造成的(脸红发烫是怎么回事)造成脸红发烫的原因有很多,它不仅会对我们的健康造成较大的负面影响,而且还会影响到我们的心情,让我们不能将注意力集中于工作或者是学习中,
解梦组词造句